You’d think absolutely nothing given he’s a celebrity chef! But having caught an episode of Ramsay’s Hotel Hell last week featuring a supposedly haunted guest house, it wasn’t the ghosts which I (or indeed Ramsay) found the most frightening!
The hapless owner of said haunted guest house had made it company policy to record the names and credit card details of every guest in a big, red book. Ever the showman, Ramsay took off with book in hand and made for the door.
That’s not how to store customer data!
Here at PCI Pal the ease of ‘Ramsay taking the book’ resonated with us. Everyone who processes, stores or transmits cardholder data must adhere to the PCI DSS regulations. In a world where there seems to be a new data breach every week, it’s shocking how many companies store their customers’ details in these unsecured ways. It may not be a red book on a desk; it may be spreadsheets which are not password protected, or details written down on scraps of paper in a call centre for anyone to pick up. Moreover, with less than 100 days until the General Data Protection Regulation comes into effect, the ICO is quite clear on what data can be stored and for what purposes. It’s imperative that companies assess the data they have and the reasons for having it, particularly card details. It’s also very clear on the potential fines for companies that suffer a breach.
There are numerous ways to achieve PCI compliance, which is just a small part of the GDPR puzzle. However, the absolute best way to ensure you are keeping the fraudsters out is to ensure there is nothing for them to take in the first place. Get rid of the red book, meaning Mr Ramsay has absolutely nothing to steal and can stick to the cooking!